Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bea weblogic server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-2576
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2, 9.1, 9.0, and 8.1 SP6 has unknown impact and local attack vectors.
Oracle Weblogic Server 8.1
Oracle Weblogic Server 9.0
Oracle Weblogic Server 9.1
Oracle Weblogic Server 9.2
NA
CVE-2008-2577
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 9.2 MP1 has unknown impact and remote authenticated attack vectors.
Oracle Weblogic Server 9.2
NA
CVE-2008-2578
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 and 9.2 MP1 has unknown impact and local attack vectors.
Oracle Weblogic Server 9.2
Oracle Weblogic Server 10.0
NA
CVE-2008-2581
Unspecified vulnerability in the WebLogic Server component in Oracle BEA Product Suite 10.0 MP1, 9.2 MP3, 9.1, 9.0, 8.1 SP6, and 7.0 SP7 has unknown impact and remote attack vectors related to UDDI Explorer.
Oracle Bea Product Suite 10.0
Oracle Bea Product Suite 7.0
Oracle Weblogic Server Component 8.1
Oracle Weblogic Server Component 9.0
Oracle Bea Product Suite 8.1
Oracle Bea Product Suite 9.0
Oracle Weblogic Server Component 9.1
Oracle Weblogic Server Component 9.2
Oracle Bea Product Suite 9.1
Oracle Bea Product Suite 9.2
Oracle Weblogic Server Component 10.0
Oracle Weblogic Server Component 7.0
NA
CVE-2008-0897
Unspecified vulnerability in BEA WebLogic Server 9.0 up to and including 10.0 allows remote authenticated users without "receive" permissions to bypass intended access restrictions and receive messages from a standalone JMS Topic or secured Distributed Topic member dest...
Bea Weblogic Server 9.2
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
NA
CVE-2008-0900
Session fixation vulnerability in BEA WebLogic Server and Express 8.1 SP4 through SP6, 9.2 through MP1, and 10.0 allows remote authenticated users to hijack web sessions via unknown vectors.
Bea Weblogic Server 8.1
Bea Weblogic Server 10.0
Bea Weblogic Server 9.2
Bea Systems Weblogic Express 10.0
Bea Systems Weblogic Express 9.2
NA
CVE-2008-0901
BEA WebLogic Server and Express 7.0 up to and including 10.0 allows remote malicious users to conduct brute force password guessing attacks, even when account lockout has been activated, via crafted URLs that indicate whether a guessed password is successful or not.
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 9.2
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0 Mp1
NA
CVE-2008-0902
Multiple cross-site scripting (XSS) vulnerabilities in BEA WebLogic Server and Express 6.1 up to and including 10.0 MP1 allow remote malicious users to inject arbitrary web script or HTML via unspecified samples. NOTE: this might be the same issue as CVE-2007-2694.
Bea Weblogic Server 6.1
Bea Weblogic Server 7.0
Bea Weblogic Server 8.1
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Systems Weblogic Server 10.0 Mp1
NA
CVE-2008-0903
Unspecified vulnerability in the BEA WebLogic Server and Express proxy plugin, as distributed before November 2007 and prior to 9.2 MP3 and 10.0 MP2, allows remote malicious users to cause a denial of service (web server crash) via a crafted URL.
Bea Systems Weblogic Server
Bea Systems Weblogic Express
NA
CVE-2008-0898
The distributed queue feature in JMS in BEA WebLogic Server 9.0 up to and including 10.0, in certain configurations, does not properly handle when a client cannot send a message to a member of a distributed queue, which allows remote authenticated users to bypass intended access ...
Bea Weblogic Server 10.0
Bea Weblogic Server 9.0
Bea Weblogic Server 9.1
Bea Weblogic Server 9.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »